Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cMPaenbtg7qddilJhlmGcpYEbiE.roa
File: cMPaenbtg7qddilJhlmGcpYEbiE.roa (raw, json)
Hash identifier: 4xMEBYxur5omyp03GK3xhTBn9q9voP9t182znroK5Rw=
Subject key identifier: 70:C3:DA:7A:76:ED:83:BA:9D:76:29:49:86:59:86:72:96:04:6E:21
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7E7A9A6F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cMPaenbtg7qddilJhlmGcpYEbiE.roa
Signing time: Mon 25 Apr 2022 21:09:33 +0000
ROA not before: Mon 25 Apr 2022 21:09:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2121964143 (0x7e7a9a6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 25 21:09:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70c3da7a76ed83ba9d7629498659867296046e21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b1:06:7c:e9:55:71:9d:0a:28:bc:07:02:51:
db:02:32:2f:c5:65:8b:8d:62:da:a0:d0:ab:2f:24:
8b:e7:52:2c:3d:20:ab:e3:c9:56:0d:b1:e8:9b:a2:
b2:80:1b:3e:74:eb:c6:54:13:21:13:5e:d1:d4:27:
42:0d:e5:bd:79:7b:61:fd:94:f2:5c:e1:c8:d4:23:
da:e4:23:8e:6e:d2:23:6c:6a:9a:82:93:36:ea:c2:
0d:fd:7e:80:84:7e:b6:0f:d8:cb:9b:0e:4d:20:68:
19:11:dd:8e:94:56:e9:16:37:57:5a:8a:88:16:2d:
c8:eb:84:0d:e9:21:81:8f:49:cc:91:67:8e:99:b0:
b0:02:56:48:e4:ee:0f:71:a2:ba:04:4a:d1:c3:b5:
4b:01:8d:d9:aa:50:1c:1d:42:4a:3c:79:3a:f5:20:
8d:3d:63:79:96:32:09:fa:f2:22:f2:76:03:a9:93:
87:06:16:a0:92:e7:58:99:c8:19:49:fe:77:ef:40:
87:0d:dd:41:c0:0d:94:4f:e5:5f:be:a7:b5:0a:a9:
a4:53:78:6b:a0:fe:36:5f:b7:c4:3e:45:5b:43:0b:
3c:0a:b4:7a:5f:6b:d2:89:cb:c0:74:44:eb:bd:e9:
e5:50:26:2d:53:26:dd:2c:92:a7:d1:65:c9:18:e7:
49:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C3:DA:7A:76:ED:83:BA:9D:76:29:49:86:59:86:72:96:04:6E:21
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cMPaenbtg7qddilJhlmGcpYEbiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:b8:72:93:1a:06:f1:3b:3b:54:5d:f1:7c:00:f2:90:41:e7:
6f:05:07:3f:95:55:2a:f5:41:ec:31:ab:46:0d:51:aa:04:5e:
78:36:d6:f4:c6:a3:ae:d4:db:da:d3:df:3f:48:e0:ae:bb:2d:
7f:0e:6d:fb:a8:bb:e3:d9:e0:9c:e3:dc:f1:b1:4f:bd:ac:e5:
7a:ca:92:bf:08:21:fc:77:2a:f2:77:cc:2b:7e:98:48:fd:36:
ca:a1:ad:4f:88:6b:b2:0a:60:fb:9a:ef:c5:dc:12:ad:08:ba:
fa:bc:24:2e:82:6c:fe:ef:65:3e:42:ca:72:dd:ac:aa:b7:26:
7e:9c:ce:0a:d2:4e:fb:34:fb:71:ba:23:75:23:7b:ef:f1:91:
fe:eb:d6:fc:19:a5:f2:c1:71:2c:91:79:50:4e:b9:ae:ae:3a:
ac:45:f7:79:bb:f9:b2:5e:bf:1c:3a:f7:de:fb:e1:db:ba:d3:
62:c7:64:2b:01:d9:94:c4:78:36:61:16:81:b8:8b:f3:71:0f:
ce:8a:30:6f:6b:f3:c1:a3:d4:de:21:f3:a8:b2:ef:50:bc:45:
b7:1a:6c:2c:17:61:58:a1:55:58:c2:4c:dc:07:d4:e2:89:02:
26:43:13:c0:f7:fb:06:18:07:dd:91:59:37:70:2a:4a:8d:d7:
96:2e:f4:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEfnqabzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQy
NTIxMDkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBjM2RhN2E3NmVk
ODNiYTlkNzYyOTQ5ODY1OTg2NzI5NjA0NmUyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCxBnzpVXGdCii8BwJR2wIyL8Vli41i2qDQqy8ki+dSLD0g
q+PJVg2x6JuisoAbPnTrxlQTIRNe0dQnQg3lvXl7Yf2U8lzhyNQj2uQjjm7SI2xq
moKTNurCDf1+gIR+tg/Yy5sOTSBoGRHdjpRW6RY3V1qKiBYtyOuEDekhgY9JzJFn
jpmwsAJWSOTuD3GiugRK0cO1SwGN2apQHB1CSjx5OvUgjT1jeZYyCfryIvJ2A6mT
hwYWoJLnWJnIGUn+d+9Ahw3dQcANlE/lX76ntQqppFN4a6D+Nl+3xD5FW0MLPAq0
el9r0onLwHRE673p5VAmLVMm3SySp9FlyRjnSYsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRww9p6du2Dup12KUmGWYZylgRuITAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2NNUGFlbmJ0ZzdxZGRpbEpobG1HY3BZRWJpRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBRuHKTGgbxOztUXfF8APKQQedvBQc/lVUq9UHs
MatGDVGqBF54Ntb0xqOu1Nva098/SOCuuy1/Dm37qLvj2eCc49zxsU+9rOV6ypK/
CCH8dyryd8wrfphI/TbKoa1PiGuyCmD7mu/F3BKtCLr6vCQugmz+72U+Qspy3ayq
tyZ+nM4K0k77NPtxuiN1I3vv8ZH+69b8GaXywXEskXlQTrmurjqsRfd5u/myXr8c
Ovfe++HbutNix2QrAdmUxHg2YRaBuIvzcQ/OijBva/PBo9TeIfOosu9QvEW3Gmws
F2FYoVVYwkzcB9TiiQImQxPA9/sGGAfdkVk3cCpKjdeWLvTV
-----END CERTIFICATE-----
Generated at Thu May 1 07:25:56 2025 by rpki-client